clawarmor 3.0.1 → 3.2.0

package/lib/profile-cmd.js

@@ -0,0 +1,214 @@
+// lib/profile-cmd.js — clawarmor profile command
+// Subcommands: list, detect, set <name>, show
+
+import { existsSync, mkdirSync, readFileSync, writeFileSync } from 'fs';
+import { join } from 'path';
+import { homedir } from 'os';
+import { paint } from './output/colors.js';
+import { listProfiles, getProfile, detectProfile } from './profiles.js';
+import { loadConfig } from './config.js';
+
+const HOME = homedir();
+const CLAWARMOR_DIR = join(HOME, '.clawarmor');
+const PROFILE_FILE = join(CLAWARMOR_DIR, 'profile.json');
+const SEP = paint.dim('─'.repeat(52));
+
+function box(title) {
+  const W = 52, pad = W - 2 - title.length, l = Math.floor(pad / 2), r = pad - l;
+  return [
+    paint.dim('╔' + '═'.repeat(W - 2) + '╗'),
+    paint.dim('║') + ' '.repeat(l) + paint.bold(title) + ' '.repeat(r) + paint.dim('║'),
+    paint.dim('╚' + '═'.repeat(W - 2) + '╝'),
+  ].join('\n');
+}
+
+function readCurrentProfile() {
+  try {
+    if (!existsSync(PROFILE_FILE)) return null;
+    return JSON.parse(readFileSync(PROFILE_FILE, 'utf8'));
+  } catch { return null; }
+}
+
+function writeProfile(name) {
+  try {
+    mkdirSync(CLAWARMOR_DIR, { recursive: true });
+    writeFileSync(PROFILE_FILE, JSON.stringify({ name, setAt: new Date().toISOString() }, null, 2), 'utf8');
+    return true;
+  } catch { return false; }
+}
+
+function profileBadge(name) {
+  const badges = {
+    coding:    paint.cyan('coding'),
+    browsing:  paint.green('browsing'),
+    messaging: paint.yellow('messaging'),
+    general:   paint.dim('general'),
+  };
+  return badges[name] || paint.dim(name);
+}
+
+async function listCmd() {
+  console.log(''); console.log(box('ClawArmor Profiles')); console.log('');
+  console.log(`  ${paint.bold('Available profiles:')}`);
+  console.log('');
+
+  const current = readCurrentProfile();
+  const profiles = listProfiles();
+
+  for (const p of profiles) {
+    const isCurrent = current?.name === p.name;
+    const marker = isCurrent ? paint.green('→') : paint.dim('·');
+    const badge = profileBadge(p.name);
+    console.log(`  ${marker} ${badge.padEnd(12)}  ${p.description}`);
+    if (p.allowedCapabilities.length > 0) {
+      console.log(`       ${paint.dim('allows:')} ${paint.dim(p.allowedCapabilities.join(', '))}`);
+    }
+    if (p.restrictedCapabilities.length > 0) {
+      console.log(`       ${paint.dim('restricts:')} ${paint.dim(p.restrictedCapabilities.join(', '))}`);
+    }
+    console.log('');
+  }
+
+  if (current) {
+    console.log(`  ${paint.dim('Current profile:')} ${profileBadge(current.name)}`);
+  } else {
+    console.log(`  ${paint.dim('No profile set. Defaulting to')} ${profileBadge('general')}`);
+    console.log(`  ${paint.dim('Set with:')} ${paint.cyan('clawarmor profile set <name>')}`);
+  }
+  console.log('');
+  return 0;
+}
+
+async function detectCmd() {
+  console.log(''); console.log(box('ClawArmor Profile Detect')); console.log('');
+
+  const { config } = loadConfig();
+  const { profile: detected, reasons } = detectProfile(config);
+
+  console.log(`  ${paint.bold('Auto-detected profile:')} ${profileBadge(detected)}`);
+  console.log('');
+  console.log(`  ${paint.dim('Reasoning:')}`);
+  for (const reason of reasons) {
+    console.log(`    ${paint.dim('·')} ${reason}`);
+  }
+  console.log('');
+
+  const profileDef = getProfile(detected);
+  if (profileDef) {
+    console.log(`  ${paint.dim('Profile description:')} ${profileDef.description}`);
+  }
+
+  const current = readCurrentProfile();
+  if (current && current.name !== detected) {
+    console.log('');
+    console.log(`  ${paint.yellow('!')} Current profile is ${profileBadge(current.name)}, detected ${profileBadge(detected)}`);
+    console.log(`  ${paint.dim('Run')} ${paint.cyan(`clawarmor profile set ${detected}`)} ${paint.dim('to switch.')}`);
+  } else if (!current) {
+    console.log('');
+    console.log(`  ${paint.dim('Run')} ${paint.cyan(`clawarmor profile set ${detected}`)} ${paint.dim('to activate this profile.')}`);
+  }
+
+  console.log('');
+  return 0;
+}
+
+async function setCmd(name) {
+  if (!name) {
+    console.log('');
+    console.log(`  ${paint.red('✗')} Profile name required.`);
+    console.log(`  Usage: ${paint.cyan('clawarmor profile set <name>')}`);
+    console.log(`  Available: ${listProfiles().map(p => p.name).join(', ')}`);
+    console.log('');
+    return 1;
+  }
+
+  const profile = getProfile(name);
+  if (!profile) {
+    console.log('');
+    console.log(`  ${paint.red('✗')} Unknown profile: ${paint.bold(name)}`);
+    console.log(`  Available: ${listProfiles().map(p => p.name).join(', ')}`);
+    console.log('');
+    return 1;
+  }
+
+  const ok = writeProfile(name);
+  console.log('');
+  if (ok) {
+    console.log(`  ${paint.green('✓')} Profile set to ${profileBadge(name)}`);
+    console.log(`  ${paint.dim(profile.description)}`);
+    console.log('');
+    console.log(`  ${paint.dim('Run')} ${paint.cyan('clawarmor harden --profile ' + name)} ${paint.dim('for profile-aware recommendations.')}`);
+    console.log(`  ${paint.dim('Run')} ${paint.cyan('clawarmor audit --profile ' + name)} ${paint.dim('for profile-adjusted scoring.')}`);
+  } else {
+    console.log(`  ${paint.red('✗')} Failed to write profile to ${PROFILE_FILE}`);
+  }
+  console.log('');
+  return ok ? 0 : 1;
+}
+
+async function showCmd() {
+  console.log(''); console.log(box('ClawArmor Current Profile')); console.log('');
+
+  const current = readCurrentProfile();
+
+  if (!current) {
+    console.log(`  ${paint.dim('No profile set.')}`);
+    console.log(`  ${paint.dim('Defaulting to general — no relaxations or restrictions applied.')}`);
+    console.log('');
+    console.log(`  ${paint.dim('Set a profile:')} ${paint.cyan('clawarmor profile set <name>')}`);
+    console.log(`  ${paint.dim('Auto-detect:')}   ${paint.cyan('clawarmor profile detect')}`);
+    console.log('');
+    return 0;
+  }
+
+  const profileDef = getProfile(current.name);
+  const setAt = current.setAt ? new Date(current.setAt).toLocaleString('en-US', { dateStyle: 'medium', timeStyle: 'short' }) : 'unknown';
+
+  console.log(`  ${paint.bold('Profile:')}  ${profileBadge(current.name)}`);
+  console.log(`  ${paint.bold('Set at:')}   ${setAt}`);
+  console.log('');
+
+  if (profileDef) {
+    console.log(`  ${paint.dim(profileDef.description)}`);
+    console.log('');
+    if (profileDef.allowedCapabilities.length > 0) {
+      console.log(`  ${paint.green('Allowed:')}    ${profileDef.allowedCapabilities.join(', ')}`);
+    }
+    if (profileDef.restrictedCapabilities.length > 0) {
+      console.log(`  ${paint.yellow('Restricted:')} ${profileDef.restrictedCapabilities.join(', ')}`);
+    }
+    if (Object.keys(profileDef.checkWeightOverrides).length > 0) {
+      console.log('');
+      console.log(`  ${paint.dim('Check overrides:')}`);
+      for (const [check, severity] of Object.entries(profileDef.checkWeightOverrides)) {
+        console.log(`    ${paint.dim(check)} → ${severity}`);
+      }
+    }
+  }
+
+  console.log('');
+  console.log(`  ${paint.dim('Change profile:')} ${paint.cyan('clawarmor profile set <name>')}`);
+  console.log(`  ${paint.dim('List profiles:')}  ${paint.cyan('clawarmor profile list')}`);
+  console.log('');
+  return 0;
+}
+
+export async function runProfileCmd(args = []) {
+  const sub = args[0];
+
+  if (!sub || sub === 'list') return listCmd();
+  if (sub === 'detect')       return detectCmd();
+  if (sub === 'set')          return setCmd(args[1]);
+  if (sub === 'show')         return showCmd();
+
+  console.log('');
+  console.log(`  ${paint.red('✗')} Unknown profile subcommand: ${paint.bold(sub)}`);
+  console.log('');
+  console.log(`  ${paint.bold('Profile subcommands:')}`);
+  console.log(`    ${paint.cyan('clawarmor profile list')}`);
+  console.log(`    ${paint.cyan('clawarmor profile detect')}`);
+  console.log(`    ${paint.cyan('clawarmor profile set <name>')}`);
+  console.log(`    ${paint.cyan('clawarmor profile show')}`);
+  console.log('');
+  return 1;
+}

package/lib/profiles.js

@@ -0,0 +1,159 @@
+// lib/profiles.js — Contextual hardening profiles
+// Profiles adjust harden/audit recommendations based on what the agent actually does.
+
+const PROFILES = {
+  coding: {
+    name: 'coding',
+    description: 'Code-focused agent — exec, file write, git are expected. External sends are restricted.',
+    allowedCapabilities: ['exec', 'file.write', 'git', 'file.read'],
+    restrictedCapabilities: ['external.send', 'external.network', 'channel.external'],
+    checkWeightOverrides: {
+      // exec being enabled is EXPECTED for a coding agent — downgrade severity
+      'exec.ask.off': 'INFO',
+      'exec.approval': 'INFO',
+      // external sends from a coding agent are UNEXPECTED — upgrade severity
+      'channel.groupPolicy': 'HIGH',
+      'channel.allowFrom': 'HIGH',
+    },
+  },
+  browsing: {
+    name: 'browsing',
+    description: 'Web browsing agent — fetch and read are expected. File writes and exec are restricted.',
+    allowedCapabilities: ['fetch', 'file.read', 'web'],
+    restrictedCapabilities: ['exec', 'file.write', 'channel.external'],
+    checkWeightOverrides: {
+      // file writes from a browsing agent are UNEXPECTED
+      'filesystem.perms': 'HIGH',
+      // exec from a browsing agent is UNEXPECTED
+      'exec.ask.off': 'HIGH',
+      'exec.approval': 'HIGH',
+    },
+  },
+  messaging: {
+    name: 'messaging',
+    description: 'Messaging agent — channel access and send are expected. Exec and file access are restricted.',
+    allowedCapabilities: ['channel.send', 'channel.read', 'message'],
+    restrictedCapabilities: ['exec', 'file.write', 'file.read'],
+    checkWeightOverrides: {
+      // channel sends are EXPECTED for a messaging agent — downgrade severity
+      'channel.groupPolicy': 'INFO',
+      'channel.allowFrom': 'INFO',
+      // exec from a messaging agent is UNEXPECTED
+      'exec.ask.off': 'HIGH',
+      'exec.approval': 'HIGH',
+    },
+  },
+  general: {
+    name: 'general',
+    description: 'General-purpose agent — balanced defaults. No relaxations or extra restrictions.',
+    allowedCapabilities: [],
+    restrictedCapabilities: [],
+    checkWeightOverrides: {},
+  },
+};
+
+/**
+ * Get a profile by name.
+ * @param {string} name
+ * @returns {object|null}
+ */
+export function getProfile(name) {
+  return PROFILES[name] || null;
+}
+
+/**
+ * List all available profiles.
+ * @returns {object[]}
+ */
+export function listProfiles() {
+  return Object.values(PROFILES);
+}
+
+/**
+ * Auto-detect profile from openclaw config.
+ * @param {object} config - parsed openclaw.json
+ * @returns {{ profile: string, reasons: string[] }}
+ */
+export function detectProfile(config) {
+  if (!config) return { profile: 'general', reasons: ['No config found — using general profile'] };
+
+  const reasons = [];
+
+  // Check for exec tools
+  const execEnabled = config?.tools?.exec?.enabled !== false && config?.exec?.enabled !== false;
+  const execAsk = config?.tools?.exec?.ask ?? config?.exec?.ask;
+  const hasExec = execEnabled && execAsk !== 'always';
+
+  // Check for web/fetch tools
+  const hasWeb = !!(
+    config?.tools?.fetch || config?.tools?.web ||
+    (config?.skills && JSON.stringify(config.skills).toLowerCase().includes('browser'))
+  );
+
+  // Check for channel/messaging tools
+  const hasChannels = !!(
+    config?.channels || config?.messaging ||
+    (config?.tools && JSON.stringify(config.tools).toLowerCase().includes('channel'))
+  );
+
+  // Check for git
+  const hasGit = !!(
+    config?.tools?.git ||
+    (config?.skills && JSON.stringify(config.skills).toLowerCase().includes('git'))
+  );
+
+  // Decision logic
+  if (hasExec && hasGit && !hasChannels) {
+    reasons.push('exec tools present → coding agent');
+    if (hasGit) reasons.push('git tools detected → coding profile');
+    return { profile: 'coding', reasons };
+  }
+
+  if (hasChannels && !hasExec) {
+    reasons.push('channel/messaging tools present → messaging agent');
+    return { profile: 'messaging', reasons };
+  }
+
+  if (hasWeb && !hasExec && !hasChannels) {
+    reasons.push('web/fetch tools present → browsing agent');
+    return { profile: 'browsing', reasons };
+  }
+
+  reasons.push('No strong signal detected → using general profile');
+  return { profile: 'general', reasons };
+}
+
+/**
+ * Check if a finding is expected for a given profile.
+ * @param {string} profileName
+ * @param {string} checkId - the check/finding id
+ * @returns {boolean}
+ */
+export function isExpectedFinding(profileName, checkId) {
+  const profile = getProfile(profileName);
+  if (!profile) return false;
+  const id = (checkId || '').toLowerCase();
+  // Check if this finding's id matches any allowed capability patterns
+  // For exec findings in a coding profile, they're expected
+  if (profileName === 'coding' && (id.includes('exec') && (id.includes('ask') || id.includes('approval')))) return true;
+  if (profileName === 'messaging' && (id.includes('channel') && (id.includes('group') || id.includes('allow')))) return true;
+  return false;
+}
+
+/**
+ * Get overridden severity for a check in a given profile.
+ * @param {string} profileName
+ * @param {string} checkId
+ * @param {string} defaultSeverity
+ * @returns {string} overridden or original severity
+ */
+export function getOverriddenSeverity(profileName, checkId) {
+  const profile = getProfile(profileName);
+  if (!profile) return null;
+  const id = (checkId || '').toLowerCase();
+  // Check overrides by matching check id prefixes
+  for (const [pattern, overrideSev] of Object.entries(profile.checkWeightOverrides)) {
+    if (id.includes(pattern.toLowerCase())) return overrideSev;
+  }
+  return null;
+}

package/lib/protect.js

@@ -68,7 +68,8 @@ Install with: \`clawarmor protect --install\`
 `;
 
 const HANDLER_JS = `// clawarmor-guard hook handler
-// Fires on gateway:startup. Silent unless score drops or CRITICAL finding appears.
+// Fires on gateway:startup and after clawhub skill installs.
+// Silent unless score drops or CRITICAL finding appears.
 // No external dependencies.
 
 import { spawnSync } from 'child_process';
@@ -79,6 +80,7 @@ import { homedir } from 'os';
 const HOME = homedir();
 const CLAWARMOR_DIR = join(HOME, '.clawarmor');
 const LAST_SCORE_FILE = join(CLAWARMOR_DIR, 'last-score.json');
+const SKILL_REPORT_FILE = join(CLAWARMOR_DIR, 'skill-install-report.json');
 
 function readLastScore() {
   try {
@@ -109,8 +111,81 @@ function runAuditJson() {
   return null;
 }
 
-// Main hook entry point — called by openclaw on gateway:startup
+function runStackSync() {
+  try {
+    spawnSync('clawarmor', ['stack', 'sync'], {
+      encoding: 'utf8',
+      timeout: 60000,
+      stdio: 'ignore',
+    });
+  } catch {}
+}
+
+function buildProposedFixes(newFindings) {
+  const fixes = [];
+  for (const f of newFindings) {
+    const id = (f.id || '').toLowerCase();
+    if (id.includes('exec') && id.includes('ask')) {
+      fixes.push('openclaw config set tools.exec.ask on-miss');
+    } else if (id.includes('gateway') && id.includes('host')) {
+      fixes.push('openclaw config set gateway.host 127.0.0.1');
+    } else if (id.includes('cred') || id.includes('filesystem')) {
+      fixes.push('clawarmor harden --auto');
+    } else if (id.includes('skill')) {
+      fixes.push('clawarmor scan');
+    }
+  }
+  return [...new Set(fixes)];
+}
+
+function handleSkillInstall(skillName, scoreBefore, auditResult) {
+  const scoreAfter = auditResult?.score ?? null;
+  if (scoreAfter === null) return;
+
+  // Regenerate stack rules for new tool surface
+  runStackSync();
+
+  const scoreDelta = scoreAfter - scoreBefore;
+
+  if (scoreDelta < 0) {
+    const prevFailed = [];
+    const newFailed = auditResult.failed || [];
+    // newFindings = findings in new audit not previously known
+    const lastState = readLastScore();
+    const prevIds = new Set((lastState?.failedIds || []));
+    const newFindings = newFailed.filter(f => !prevIds.has(f.id));
+    const proposedFixes = buildProposedFixes(newFindings);
+
+    const report = {
+      skill: skillName,
+      installedAt: new Date().toISOString(),
+      scoreBefore,
+      scoreAfter,
+      scoreDelta,
+      newFindings,
+      proposedFixes,
+    };
+
+    try {
+      mkdirSync(CLAWARMOR_DIR, { recursive: true });
+      writeFileSync(SKILL_REPORT_FILE, JSON.stringify(report, null, 2), 'utf8');
+    } catch {}
+
+    console.error(\`⚠ ClawArmor: skill install dropped score \${scoreBefore}→\${scoreAfter} (\${scoreDelta}). Run: clawarmor stack sync && clawarmor fix --dry-run\`);
+  } else {
+    console.error(\`✓ ClawArmor: score unchanged after install (\${scoreAfter}/100)\`);
+  }
+}
+
+// Main hook entry point — called by openclaw on gateway:startup and clawhub install
 export default async function handler(event) {
+  const isSkillInstall = event?.type === 'clawhub:install' || event?.skill;
+  const skillName = event?.skill || event?.args?.[0] || null;
+
+  // Capture score before install (for skill diff)
+  const lastState = readLastScore();
+  const lastScore = lastState?.score ?? null;
+
   let auditResult;
   try {
     auditResult = runAuditJson();
@@ -122,14 +197,20 @@ export default async function handler(event) {
   if (!auditResult) return;
 
   const newScore = auditResult.score ?? null;
-  const lastState = readLastScore();
-  const lastScore = lastState?.score ?? null;
   const isFirstRun = lastScore === null;
 
   if (newScore !== null) {
     if (isFirstRun) {
-      writeLastScore({ score: newScore, grade: auditResult.grade, timestamp: new Date().toISOString() });
+      writeLastScore({
+        score: newScore,
+        grade: auditResult.grade,
+        failedIds: (auditResult.failed || []).map(f => f.id),
+        timestamp: new Date().toISOString(),
+      });
       // First run — establish baseline silently
+      if (isSkillInstall && skillName) {
+        runStackSync();
+      }
       return;
     }
 
@@ -142,9 +223,16 @@ export default async function handler(event) {
       score: newScore,
       grade: auditResult.grade,
       criticals: newCriticalCount,
+      failedIds: (auditResult.failed || []).map(f => f.id),
       timestamp: new Date().toISOString(),
     });
 
+    // Skill install post-audit diff
+    if (isSkillInstall && skillName) {
+      handleSkillInstall(skillName, lastScore, auditResult);
+      return;
+    }
+
     if (newCriticalCount > hadCriticals) {
       // New CRITICAL finding — alert immediately
       const names = newCriticals.map(f => f.id || f.title).join(', ');

package/lib/scan.js

@@ -16,28 +16,40 @@ function box(title) {
     paint.dim('╚'+'═'.repeat(W-2)+'╝')].join('\n');
 }
 
-export async function runScan() {
-  console.log(''); console.log(box('ClawArmor Skill Scan  v0.6')); console.log('');
-  console.log(`  ${paint.dim('Scanning:')} Installed OpenClaw skills (code + SKILL.md)`);
-  console.log(`  ${paint.dim('Started:')}  ${new Date().toLocaleString('en-US',{dateStyle:'medium',timeStyle:'short'})}`);
-  console.log('');
+export async function runScan(flags = {}) {
+  const jsonMode = flags.json || false;
+
+  if (!jsonMode) {
+    console.log(''); console.log(box('ClawArmor Skill Scan  v0.6')); console.log('');
+    console.log(`  ${paint.dim('Scanning:')} Installed OpenClaw skills (code + SKILL.md)`);
+    console.log(`  ${paint.dim('Started:')}  ${new Date().toLocaleString('en-US',{dateStyle:'medium',timeStyle:'short'})}`);
+    console.log('');
+  }
 
   const skills = findInstalledSkills();
   if (!skills.length) {
-    console.log(`  ${paint.dim('No installed skills found.')}`); console.log(''); return 0;
+    if (jsonMode) {
+      process.stdout.write(JSON.stringify({ verdict: 'PASS', score: 100, totalSkills: 0, flaggedSkills: 0, findings: [], scannedAt: new Date().toISOString() }, null, 2) + '\n');
+    } else {
+      console.log(`  ${paint.dim('No installed skills found.')}`); console.log('');
+    }
+    return 0;
   }
 
   const userSkills = skills.filter(s => !s.isBuiltin);
   const builtinSkills = skills.filter(s => s.isBuiltin);
-  console.log(`  ${paint.dim('Found')} ${paint.bold(String(skills.length))} ${paint.dim('skills')} ${paint.dim(`(${userSkills.length} user-installed, ${builtinSkills.length} built-in)`)}`);
-  console.log('');
+  if (!jsonMode) {
+    console.log(`  ${paint.dim('Found')} ${paint.bold(String(skills.length))} ${paint.dim('skills')} ${paint.dim(`(${userSkills.length} user-installed, ${builtinSkills.length} built-in)`)}`);
+    console.log('');
+  }
 
   let totalCritical = 0, totalHigh = 0;
   const flagged = [];
   const auditFindings = []; // accumulated for audit log
+  const jsonFindings = []; // for --json output
 
   for (const skill of skills) {
-    process.stdout.write(`  ${skill.isBuiltin ? paint.dim('⊙') : paint.cyan('▶')} ${paint.bold(skill.name)}${paint.dim(skill.isBuiltin?' [built-in]':' [user]')}...`);
+    if (!jsonMode) process.stdout.write(`  ${skill.isBuiltin ? paint.dim('⊙') : paint.cyan('▶')} ${paint.bold(skill.name)}${paint.dim(skill.isBuiltin?' [built-in]':' [user]')}...`);
 
     // Code findings (JS, py, sh, etc.)
     const codeFindings = skill.files.flatMap(f => scanFile(f, skill.isBuiltin));
@@ -56,21 +68,80 @@ export async function runScan() {
 
     totalCritical += critical.length; totalHigh += high.length;
 
-    if (!allFindings.length) { process.stdout.write(` ${paint.green('✓ clean')}\n`); continue; }
+    // Collect findings for JSON output
+    for (const f of allFindings) {
+      if (['CRITICAL','HIGH','MEDIUM','LOW'].includes(f.severity)) {
+        for (const m of (f.matches || [])) {
+          jsonFindings.push({
+            skill: skill.name,
+            severity: f.severity,
+            patternId: f.patternId || f.id || 'unknown',
+            message: f.title || f.description || '',
+            file: (f.file || '').replace(HOME, '~'),
+            line: m.line,
+          });
+        }
+        if (!(f.matches && f.matches.length)) {
+          jsonFindings.push({
+            skill: skill.name,
+            severity: f.severity,
+            patternId: f.patternId || f.id || 'unknown',
+            message: f.title || f.description || '',
+            file: (f.file || '').replace(HOME, '~'),
+            line: null,
+          });
+        }
+      }
+    }
+
+    if (!jsonMode) {
+      if (!allFindings.length) { process.stdout.write(` ${paint.green('✓ clean')}\n`); continue; }
 
-    const parts = [];
-    if (critical.length) parts.push(paint.red(`${critical.length} critical`));
-    if (high.length) parts.push(paint.yellow(`${high.length} high`));
-    if (medium.length) parts.push(paint.cyan(`${medium.length} medium`));
-    if (info.length) parts.push(paint.dim(`${info.length} info`));
-    process.stdout.write(` ${parts.join(', ')}\n`);
+      const parts = [];
+      if (critical.length) parts.push(paint.red(`${critical.length} critical`));
+      if (high.length) parts.push(paint.yellow(`${high.length} high`));
+      if (medium.length) parts.push(paint.cyan(`${medium.length} medium`));
+      if (info.length) parts.push(paint.dim(`${info.length} info`));
+      process.stdout.write(` ${parts.join(', ')}\n`);
+    }
 
     if (critical.length || high.length || medium.length) {
       flagged.push({ skill, codeFindings, mdResults });
     }
   }
 
-  // Detailed report for flagged skills
+  // JSON output mode
+  if (jsonMode) {
+    // Compute scan score: start 100, -25 per CRITICAL, -10 per HIGH, -3 per MEDIUM
+    let scanScore = 100;
+    for (const f of jsonFindings) {
+      if (f.severity === 'CRITICAL') scanScore -= 25;
+      else if (f.severity === 'HIGH') scanScore -= 10;
+      else if (f.severity === 'MEDIUM') scanScore -= 3;
+    }
+    scanScore = Math.max(0, scanScore);
+
+    let verdict = 'PASS';
+    if (totalCritical > 0) verdict = 'BLOCK';
+    else if (totalHigh > 0) verdict = 'WARN';
+
+    const output = {
+      verdict,
+      score: scanScore,
+      totalSkills: skills.length,
+      flaggedSkills: flagged.length,
+      findings: jsonFindings,
+      scannedAt: new Date().toISOString(),
+    };
+    process.stdout.write(JSON.stringify(output, null, 2) + '\n');
+
+    auditLogAppend({ cmd: 'scan', trigger: 'manual', score: null, delta: null,
+      findings: auditFindings, blocked: null, skill: null });
+
+    return totalCritical > 0 ? 1 : 0;
+  }
+
+  // Detailed human report for flagged skills
   for (const {skill, codeFindings, mdResults} of flagged) {
     console.log(''); console.log(SEP);
     console.log(`  ${paint.bold(skill.name)}  ${paint.dim(short(skill.path))}`);